Date: Fri, 27 Aug 2021 12:53:36 +0900
From: AKASHI Takahiro
To: Heinrich Schuchardt
Cc: u-boot@lists.denx.de, Alexander Graf, Ilias Apalodimas, Heinrich Schuchardt
Subject: Re: [PATCH v2 6/6] efi_loader: always initialize the secure boot state

On Thu, Aug 26, 2021 at 03:48:05PM +0200, Heinrich Schuchardt wrote:
> Even if we cannot read the variable store from disk we still need to
> initialize the secure boot state.
>
> Don't continue to boot if the variable preseed is invalid as this indicates
> that the variable store has been tampered.
>
> Signed-off-by: Heinrich Schuchardt
> ---
> v2:
> no change
> ---
> lib/efi_loader/efi_variable.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
> index 80996d0f47..6d92229e2a 100644
> --- a/lib/efi_loader/efi_variable.c
> +++ b/lib/efi_loader/efi_variable.c
> @@ -427,13 +427,17 @@ efi_status_t efi_init_variables(void) > if (IS_ENABLED(CONFIG_EFI_VARIABLES_PRESEED)) { > ret = efi_var_restore((struct efi_var_file *) > __efi_var_file_begin, true); > - if (ret != EFI_SUCCESS) > + if (ret != EFI_SUCCESS) { > log_err("Invalid EFI variable seed\n"); > + return ret; > + } > } > - > - ret = efi_var_from_file(); > + ret = efi_init_secure_state(); > if (ret != EFI_SUCCESS) > return ret; > > - return efi_init_secure_state(); > + /* Don't stop booting if variable store is not available */ > + efi_var_from_file(); I think we have to think about two different cases: 1) there is no "variable store" file available. 2) it does exist, but reading from it (efi_var_restore()) failed. For (2), we should return with an error as in the case of CONFIG_EFI_VARIABLES_PRESEED. Otherwise, the behavior is inconsistent. - Takahiro Akashi > + > + return EFI_SUCCESS; > } > -- > 2.30.2 >
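Review bot: at the end of the hunk the return value of efi_var_from_file() is dropped, so a variable store that is present but fails to load is treated the same as one that is absent, while the preseed branch earlier in the same hunk now returns on a failed efi_var_restore(). Consider keeping the result and returning it for any failure other than the store not being available, or at least logging it, so that the two paths handle an invalid store the same way. The hunk also moves efi_init_secure_state() ahead of efi_var_from_file(); a short comment stating why the secure boot state does not depend on variables loaded from the file would make the new ordering easier to audit.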